Hails: Protecting data privacy in untrusted web applications
Modern extensible web platforms like Facebook and Yammer depend on third-party
software to offer a rich experience to their users. Unfortunately, users running a third-party …
software to offer a rich experience to their users. Unfortunately, users running a third-party …
Build it, break it, fix it: Contesting secure development
Typical security contests focus on breaking or mitigating the impact of buggy systems. We
present the Build-it, Break-it, Fix-it (BIBIFI) contest, which aims to assess the ability to …
present the Build-it, Break-it, Fix-it (BIBIFI) contest, which aims to assess the ability to …
Hails: Protecting data privacy in untrusted web applications
Many modern web-platforms are no longer written by a single entity, such as a company or
individual, but consist of a trusted core that can be extended by untrusted third-party authors …
individual, but consist of a trusted core that can be extended by untrusted third-party authors …
Foundations for parallel information flow control runtime systems
We present the foundations for a new dynamic information flow control (IFC) parallel runtime
system, LIO _ PAR. To our knowledge, LIO _ PAR is the first dynamic language-level IFC …
system, LIO _ PAR. To our knowledge, LIO _ PAR is the first dynamic language-level IFC …
Abstracting faceted execution
Faceted execution is a linguistic paradigm for dynamic information-flow control with the
distinguishing feature that program values may be faceted. Such values represent multiple …
distinguishing feature that program values may be faceted. Such values represent multiple …
Racets: Faceted execution in racket
K Micinski, Z Wang, T Gilray - arXiv preprint arXiv:1807.09377, 2018 - arxiv.org
Faceted Execution is a linguistic paradigm for dynamic information-flow control. Under
faceted execution, secure program data is represented by faceted values: decision trees that …
faceted execution, secure program data is represented by faceted values: decision trees that …
Build it break it: Measuring and comparing development security
There is currently little evidence about what tools, methods, processes, and languages lead
to secure software. We present the experimental design of the Build it Break it secure …
to secure software. We present the experimental design of the Build it Break it secure …
[图书][B] Flow-limited authorization
O Arden - 2017 - search.proquest.com
Enforcing the confidentiality and integrity of information is critical in distributed applications.
Production systems typically use some form of authorization mechanism to protect …
Production systems typically use some form of authorization mechanism to protect …
[图书][B] Verifying Information Flow Control Libraries
M Vassena - 2019 - search.proquest.com
Abstract Information Flow Control (IFC) is a principled approach to protecting the
confidentiality and integrity of data in software systems. Intuitively, IFC systems associate …
confidentiality and integrity of data in software systems. Intuitively, IFC systems associate …
Advanced Language-Based Techniques for Correct, Secure Networked Systems
J Parker - 2020 - search.proquest.com
Developing correct and secure software is an important task that impacts many areas
including finance, transportation, health, and defense. In order to develop secure programs …
including finance, transportation, health, and defense. In order to develop secure programs …